package org.wx.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // 开启认证 任何的请求都要进行认证
        http.authorizeRequests().anyRequest().authenticated().and();

        http.formLogin()
                .loginPage("/login.html")   // 登录页面
                .loginProcessingUrl("/doLogin") // 拦截特定的请求去登录
                .defaultSuccessUrl("/index") // 登录成功跳转的url
                .failureUrl("/login.html") // 失败调整的url
                .usernameParameter("uname") // 表单中的参数名称
                .passwordParameter("passwd") // 表单中的参数名称
                .permitAll() //  放权formLogin
                .and();
        // 忽略csrf
        http.csrf().disable();
    }
}
